Modernized middleware tests.
* Used override_settings consistently -- changes to DEBUG could leak. * Took advantage of assertRaisesRegexp. * Fixed indentation -- some code was indented at 2 spaces.
This commit is contained in:
Aymeric Augustin
parent
884f77bd15
commit
feb41c3246
|
|
@ -20,17 +20,6 @@ from django.utils.six.moves import xrange
|
||||||
|
|
||||||
|
|
||||||
class CommonMiddlewareTest(TestCase):
|
class CommonMiddlewareTest(TestCase):
|
||||||
def setUp(self):
|
|
||||||
self.append_slash = settings.APPEND_SLASH
|
|
||||||
self.prepend_www = settings.PREPEND_WWW
|
|
||||||
self.ignorable_404_urls = settings.IGNORABLE_404_URLS
|
|
||||||
self.send_broken_email_links = settings.SEND_BROKEN_LINK_EMAILS
|
|
||||||
|
|
||||||
def tearDown(self):
|
|
||||||
settings.APPEND_SLASH = self.append_slash
|
|
||||||
settings.PREPEND_WWW = self.prepend_www
|
|
||||||
settings.IGNORABLE_404_URLS = self.ignorable_404_urls
|
|
||||||
settings.SEND_BROKEN_LINK_EMAILS = self.send_broken_email_links
|
|
||||||
|
|
||||||
def _get_request(self, path):
|
def _get_request(self, path):
|
||||||
request = HttpRequest()
|
request = HttpRequest()
|
||||||
|
|
@ -41,74 +30,66 @@ class CommonMiddlewareTest(TestCase):
|
||||||
request.path = request.path_info = "/middleware/%s" % path
|
request.path = request.path_info = "/middleware/%s" % path
|
||||||
return request
|
return request
|
||||||
|
|
||||||
|
@override_settings(APPEND_SLASH=True)
|
||||||
def test_append_slash_have_slash(self):
|
def test_append_slash_have_slash(self):
|
||||||
"""
|
"""
|
||||||
Tests that URLs with slashes go unmolested.
|
Tests that URLs with slashes go unmolested.
|
||||||
"""
|
"""
|
||||||
settings.APPEND_SLASH = True
|
|
||||||
request = self._get_request('slash/')
|
request = self._get_request('slash/')
|
||||||
self.assertEqual(CommonMiddleware().process_request(request), None)
|
self.assertEqual(CommonMiddleware().process_request(request), None)
|
||||||
|
|
||||||
|
@override_settings(APPEND_SLASH=True)
|
||||||
def test_append_slash_slashless_resource(self):
|
def test_append_slash_slashless_resource(self):
|
||||||
"""
|
"""
|
||||||
Tests that matches to explicit slashless URLs go unmolested.
|
Tests that matches to explicit slashless URLs go unmolested.
|
||||||
"""
|
"""
|
||||||
settings.APPEND_SLASH = True
|
|
||||||
request = self._get_request('noslash')
|
request = self._get_request('noslash')
|
||||||
self.assertEqual(CommonMiddleware().process_request(request), None)
|
self.assertEqual(CommonMiddleware().process_request(request), None)
|
||||||
|
|
||||||
|
@override_settings(APPEND_SLASH=True)
|
||||||
def test_append_slash_slashless_unknown(self):
|
def test_append_slash_slashless_unknown(self):
|
||||||
"""
|
"""
|
||||||
Tests that APPEND_SLASH doesn't redirect to unknown resources.
|
Tests that APPEND_SLASH doesn't redirect to unknown resources.
|
||||||
"""
|
"""
|
||||||
settings.APPEND_SLASH = True
|
|
||||||
request = self._get_request('unknown')
|
request = self._get_request('unknown')
|
||||||
self.assertEqual(CommonMiddleware().process_request(request), None)
|
self.assertEqual(CommonMiddleware().process_request(request), None)
|
||||||
|
|
||||||
|
@override_settings(APPEND_SLASH=True)
|
||||||
def test_append_slash_redirect(self):
|
def test_append_slash_redirect(self):
|
||||||
"""
|
"""
|
||||||
Tests that APPEND_SLASH redirects slashless URLs to a valid pattern.
|
Tests that APPEND_SLASH redirects slashless URLs to a valid pattern.
|
||||||
"""
|
"""
|
||||||
settings.APPEND_SLASH = True
|
|
||||||
request = self._get_request('slash')
|
request = self._get_request('slash')
|
||||||
r = CommonMiddleware().process_request(request)
|
r = CommonMiddleware().process_request(request)
|
||||||
self.assertEqual(r.status_code, 301)
|
self.assertEqual(r.status_code, 301)
|
||||||
self.assertEqual(r['Location'], 'http://testserver/middleware/slash/')
|
self.assertEqual(r['Location'], 'http://testserver/middleware/slash/')
|
||||||
|
|
||||||
|
@override_settings(APPEND_SLASH=True, DEBUG=True)
|
||||||
def test_append_slash_no_redirect_on_POST_in_DEBUG(self):
|
def test_append_slash_no_redirect_on_POST_in_DEBUG(self):
|
||||||
"""
|
"""
|
||||||
Tests that while in debug mode, an exception is raised with a warning
|
Tests that while in debug mode, an exception is raised with a warning
|
||||||
when a failed attempt is made to POST to an URL which would normally be
|
when a failed attempt is made to POST to an URL which would normally be
|
||||||
redirected to a slashed version.
|
redirected to a slashed version.
|
||||||
"""
|
"""
|
||||||
settings.APPEND_SLASH = True
|
|
||||||
settings.DEBUG = True
|
|
||||||
request = self._get_request('slash')
|
request = self._get_request('slash')
|
||||||
request.method = 'POST'
|
request.method = 'POST'
|
||||||
self.assertRaises(
|
with six.assertRaisesRegex(self, RuntimeError, 'end in a slash'):
|
||||||
RuntimeError,
|
|
||||||
CommonMiddleware().process_request,
|
|
||||||
request)
|
|
||||||
try:
|
|
||||||
CommonMiddleware().process_request(request)
|
CommonMiddleware().process_request(request)
|
||||||
except RuntimeError as e:
|
|
||||||
self.assertTrue('end in a slash' in str(e))
|
|
||||||
settings.DEBUG = False
|
|
||||||
|
|
||||||
|
@override_settings(APPEND_SLASH=False)
|
||||||
def test_append_slash_disabled(self):
|
def test_append_slash_disabled(self):
|
||||||
"""
|
"""
|
||||||
Tests disabling append slash functionality.
|
Tests disabling append slash functionality.
|
||||||
"""
|
"""
|
||||||
settings.APPEND_SLASH = False
|
|
||||||
request = self._get_request('slash')
|
request = self._get_request('slash')
|
||||||
self.assertEqual(CommonMiddleware().process_request(request), None)
|
self.assertEqual(CommonMiddleware().process_request(request), None)
|
||||||
|
|
||||||
|
@override_settings(APPEND_SLASH=True)
|
||||||
def test_append_slash_quoted(self):
|
def test_append_slash_quoted(self):
|
||||||
"""
|
"""
|
||||||
Tests that URLs which require quoting are redirected to their slash
|
Tests that URLs which require quoting are redirected to their slash
|
||||||
version ok.
|
version ok.
|
||||||
"""
|
"""
|
||||||
settings.APPEND_SLASH = True
|
|
||||||
request = self._get_request('needsquoting#')
|
request = self._get_request('needsquoting#')
|
||||||
r = CommonMiddleware().process_request(request)
|
r = CommonMiddleware().process_request(request)
|
||||||
self.assertEqual(r.status_code, 301)
|
self.assertEqual(r.status_code, 301)
|
||||||
|
|
@ -116,9 +97,8 @@ class CommonMiddlewareTest(TestCase):
|
||||||
r['Location'],
|
r['Location'],
|
||||||
'http://testserver/middleware/needsquoting%23/')
|
'http://testserver/middleware/needsquoting%23/')
|
||||||
|
|
||||||
|
@override_settings(APPEND_SLASH=False, PREPEND_WWW=True)
|
||||||
def test_prepend_www(self):
|
def test_prepend_www(self):
|
||||||
settings.PREPEND_WWW = True
|
|
||||||
settings.APPEND_SLASH = False
|
|
||||||
request = self._get_request('path/')
|
request = self._get_request('path/')
|
||||||
r = CommonMiddleware().process_request(request)
|
r = CommonMiddleware().process_request(request)
|
||||||
self.assertEqual(r.status_code, 301)
|
self.assertEqual(r.status_code, 301)
|
||||||
|
|
@ -126,18 +106,16 @@ class CommonMiddlewareTest(TestCase):
|
||||||
r['Location'],
|
r['Location'],
|
||||||
'http://www.testserver/middleware/path/')
|
'http://www.testserver/middleware/path/')
|
||||||
|
|
||||||
|
@override_settings(APPEND_SLASH=True, PREPEND_WWW=True)
|
||||||
def test_prepend_www_append_slash_have_slash(self):
|
def test_prepend_www_append_slash_have_slash(self):
|
||||||
settings.PREPEND_WWW = True
|
|
||||||
settings.APPEND_SLASH = True
|
|
||||||
request = self._get_request('slash/')
|
request = self._get_request('slash/')
|
||||||
r = CommonMiddleware().process_request(request)
|
r = CommonMiddleware().process_request(request)
|
||||||
self.assertEqual(r.status_code, 301)
|
self.assertEqual(r.status_code, 301)
|
||||||
self.assertEqual(r['Location'],
|
self.assertEqual(r['Location'],
|
||||||
'http://www.testserver/middleware/slash/')
|
'http://www.testserver/middleware/slash/')
|
||||||
|
|
||||||
|
@override_settings(APPEND_SLASH=True, PREPEND_WWW=True)
|
||||||
def test_prepend_www_append_slash_slashless(self):
|
def test_prepend_www_append_slash_slashless(self):
|
||||||
settings.PREPEND_WWW = True
|
|
||||||
settings.APPEND_SLASH = True
|
|
||||||
request = self._get_request('slash')
|
request = self._get_request('slash')
|
||||||
r = CommonMiddleware().process_request(request)
|
r = CommonMiddleware().process_request(request)
|
||||||
self.assertEqual(r.status_code, 301)
|
self.assertEqual(r.status_code, 301)
|
||||||
|
|
@ -148,128 +126,117 @@ class CommonMiddlewareTest(TestCase):
|
||||||
# The following tests examine expected behavior given a custom urlconf that
|
# The following tests examine expected behavior given a custom urlconf that
|
||||||
# overrides the default one through the request object.
|
# overrides the default one through the request object.
|
||||||
|
|
||||||
|
@override_settings(APPEND_SLASH=True)
|
||||||
def test_append_slash_have_slash_custom_urlconf(self):
|
def test_append_slash_have_slash_custom_urlconf(self):
|
||||||
"""
|
"""
|
||||||
Tests that URLs with slashes go unmolested.
|
Tests that URLs with slashes go unmolested.
|
||||||
"""
|
"""
|
||||||
settings.APPEND_SLASH = True
|
request = self._get_request('customurlconf/slash/')
|
||||||
request = self._get_request('customurlconf/slash/')
|
request.urlconf = 'regressiontests.middleware.extra_urls'
|
||||||
request.urlconf = 'regressiontests.middleware.extra_urls'
|
self.assertEqual(CommonMiddleware().process_request(request), None)
|
||||||
self.assertEqual(CommonMiddleware().process_request(request), None)
|
|
||||||
|
|
||||||
|
@override_settings(APPEND_SLASH=True)
|
||||||
def test_append_slash_slashless_resource_custom_urlconf(self):
|
def test_append_slash_slashless_resource_custom_urlconf(self):
|
||||||
"""
|
"""
|
||||||
Tests that matches to explicit slashless URLs go unmolested.
|
Tests that matches to explicit slashless URLs go unmolested.
|
||||||
"""
|
"""
|
||||||
settings.APPEND_SLASH = True
|
request = self._get_request('customurlconf/noslash')
|
||||||
request = self._get_request('customurlconf/noslash')
|
request.urlconf = 'regressiontests.middleware.extra_urls'
|
||||||
request.urlconf = 'regressiontests.middleware.extra_urls'
|
self.assertEqual(CommonMiddleware().process_request(request), None)
|
||||||
self.assertEqual(CommonMiddleware().process_request(request), None)
|
|
||||||
|
|
||||||
|
@override_settings(APPEND_SLASH=True)
|
||||||
def test_append_slash_slashless_unknown_custom_urlconf(self):
|
def test_append_slash_slashless_unknown_custom_urlconf(self):
|
||||||
"""
|
"""
|
||||||
Tests that APPEND_SLASH doesn't redirect to unknown resources.
|
Tests that APPEND_SLASH doesn't redirect to unknown resources.
|
||||||
"""
|
"""
|
||||||
settings.APPEND_SLASH = True
|
request = self._get_request('customurlconf/unknown')
|
||||||
request = self._get_request('customurlconf/unknown')
|
request.urlconf = 'regressiontests.middleware.extra_urls'
|
||||||
request.urlconf = 'regressiontests.middleware.extra_urls'
|
self.assertEqual(CommonMiddleware().process_request(request), None)
|
||||||
self.assertEqual(CommonMiddleware().process_request(request), None)
|
|
||||||
|
|
||||||
|
@override_settings(APPEND_SLASH=True)
|
||||||
def test_append_slash_redirect_custom_urlconf(self):
|
def test_append_slash_redirect_custom_urlconf(self):
|
||||||
"""
|
"""
|
||||||
Tests that APPEND_SLASH redirects slashless URLs to a valid pattern.
|
Tests that APPEND_SLASH redirects slashless URLs to a valid pattern.
|
||||||
"""
|
"""
|
||||||
settings.APPEND_SLASH = True
|
request = self._get_request('customurlconf/slash')
|
||||||
request = self._get_request('customurlconf/slash')
|
request.urlconf = 'regressiontests.middleware.extra_urls'
|
||||||
request.urlconf = 'regressiontests.middleware.extra_urls'
|
r = CommonMiddleware().process_request(request)
|
||||||
r = CommonMiddleware().process_request(request)
|
self.assertFalse(r is None,
|
||||||
self.assertFalse(r is None,
|
"CommonMiddlware failed to return APPEND_SLASH redirect using request.urlconf")
|
||||||
"CommonMiddlware failed to return APPEND_SLASH redirect using request.urlconf")
|
self.assertEqual(r.status_code, 301)
|
||||||
self.assertEqual(r.status_code, 301)
|
self.assertEqual(r['Location'], 'http://testserver/middleware/customurlconf/slash/')
|
||||||
self.assertEqual(r['Location'], 'http://testserver/middleware/customurlconf/slash/')
|
|
||||||
|
|
||||||
|
@override_settings(APPEND_SLASH=True, DEBUG=True)
|
||||||
def test_append_slash_no_redirect_on_POST_in_DEBUG_custom_urlconf(self):
|
def test_append_slash_no_redirect_on_POST_in_DEBUG_custom_urlconf(self):
|
||||||
"""
|
"""
|
||||||
Tests that while in debug mode, an exception is raised with a warning
|
Tests that while in debug mode, an exception is raised with a warning
|
||||||
when a failed attempt is made to POST to an URL which would normally be
|
when a failed attempt is made to POST to an URL which would normally be
|
||||||
redirected to a slashed version.
|
redirected to a slashed version.
|
||||||
"""
|
"""
|
||||||
settings.APPEND_SLASH = True
|
request = self._get_request('customurlconf/slash')
|
||||||
settings.DEBUG = True
|
request.urlconf = 'regressiontests.middleware.extra_urls'
|
||||||
request = self._get_request('customurlconf/slash')
|
request.method = 'POST'
|
||||||
request.urlconf = 'regressiontests.middleware.extra_urls'
|
with six.assertRaisesRegex(self, RuntimeError, 'end in a slash'):
|
||||||
request.method = 'POST'
|
CommonMiddleware().process_request(request)
|
||||||
self.assertRaises(
|
|
||||||
RuntimeError,
|
|
||||||
CommonMiddleware().process_request,
|
|
||||||
request)
|
|
||||||
try:
|
|
||||||
CommonMiddleware().process_request(request)
|
|
||||||
except RuntimeError as e:
|
|
||||||
self.assertTrue('end in a slash' in str(e))
|
|
||||||
settings.DEBUG = False
|
|
||||||
|
|
||||||
|
@override_settings(APPEND_SLASH=False)
|
||||||
def test_append_slash_disabled_custom_urlconf(self):
|
def test_append_slash_disabled_custom_urlconf(self):
|
||||||
"""
|
"""
|
||||||
Tests disabling append slash functionality.
|
Tests disabling append slash functionality.
|
||||||
"""
|
"""
|
||||||
settings.APPEND_SLASH = False
|
request = self._get_request('customurlconf/slash')
|
||||||
request = self._get_request('customurlconf/slash')
|
request.urlconf = 'regressiontests.middleware.extra_urls'
|
||||||
request.urlconf = 'regressiontests.middleware.extra_urls'
|
self.assertEqual(CommonMiddleware().process_request(request), None)
|
||||||
self.assertEqual(CommonMiddleware().process_request(request), None)
|
|
||||||
|
|
||||||
|
@override_settings(APPEND_SLASH=True)
|
||||||
def test_append_slash_quoted_custom_urlconf(self):
|
def test_append_slash_quoted_custom_urlconf(self):
|
||||||
"""
|
"""
|
||||||
Tests that URLs which require quoting are redirected to their slash
|
Tests that URLs which require quoting are redirected to their slash
|
||||||
version ok.
|
version ok.
|
||||||
"""
|
"""
|
||||||
settings.APPEND_SLASH = True
|
request = self._get_request('customurlconf/needsquoting#')
|
||||||
request = self._get_request('customurlconf/needsquoting#')
|
request.urlconf = 'regressiontests.middleware.extra_urls'
|
||||||
request.urlconf = 'regressiontests.middleware.extra_urls'
|
r = CommonMiddleware().process_request(request)
|
||||||
r = CommonMiddleware().process_request(request)
|
self.assertFalse(r is None,
|
||||||
self.assertFalse(r is None,
|
"CommonMiddlware failed to return APPEND_SLASH redirect using request.urlconf")
|
||||||
"CommonMiddlware failed to return APPEND_SLASH redirect using request.urlconf")
|
self.assertEqual(r.status_code, 301)
|
||||||
self.assertEqual(r.status_code, 301)
|
self.assertEqual(
|
||||||
self.assertEqual(
|
r['Location'],
|
||||||
r['Location'],
|
'http://testserver/middleware/customurlconf/needsquoting%23/')
|
||||||
'http://testserver/middleware/customurlconf/needsquoting%23/')
|
|
||||||
|
|
||||||
|
@override_settings(APPEND_SLASH=False, PREPEND_WWW=True)
|
||||||
def test_prepend_www_custom_urlconf(self):
|
def test_prepend_www_custom_urlconf(self):
|
||||||
settings.PREPEND_WWW = True
|
request = self._get_request('customurlconf/path/')
|
||||||
settings.APPEND_SLASH = False
|
request.urlconf = 'regressiontests.middleware.extra_urls'
|
||||||
request = self._get_request('customurlconf/path/')
|
r = CommonMiddleware().process_request(request)
|
||||||
request.urlconf = 'regressiontests.middleware.extra_urls'
|
self.assertEqual(r.status_code, 301)
|
||||||
r = CommonMiddleware().process_request(request)
|
self.assertEqual(
|
||||||
self.assertEqual(r.status_code, 301)
|
r['Location'],
|
||||||
self.assertEqual(
|
'http://www.testserver/middleware/customurlconf/path/')
|
||||||
r['Location'],
|
|
||||||
'http://www.testserver/middleware/customurlconf/path/')
|
|
||||||
|
|
||||||
|
@override_settings(APPEND_SLASH=True, PREPEND_WWW=True)
|
||||||
def test_prepend_www_append_slash_have_slash_custom_urlconf(self):
|
def test_prepend_www_append_slash_have_slash_custom_urlconf(self):
|
||||||
settings.PREPEND_WWW = True
|
request = self._get_request('customurlconf/slash/')
|
||||||
settings.APPEND_SLASH = True
|
request.urlconf = 'regressiontests.middleware.extra_urls'
|
||||||
request = self._get_request('customurlconf/slash/')
|
r = CommonMiddleware().process_request(request)
|
||||||
request.urlconf = 'regressiontests.middleware.extra_urls'
|
self.assertEqual(r.status_code, 301)
|
||||||
r = CommonMiddleware().process_request(request)
|
self.assertEqual(r['Location'],
|
||||||
self.assertEqual(r.status_code, 301)
|
'http://www.testserver/middleware/customurlconf/slash/')
|
||||||
self.assertEqual(r['Location'],
|
|
||||||
'http://www.testserver/middleware/customurlconf/slash/')
|
|
||||||
|
|
||||||
|
@override_settings(APPEND_SLASH=True, PREPEND_WWW=True)
|
||||||
def test_prepend_www_append_slash_slashless_custom_urlconf(self):
|
def test_prepend_www_append_slash_slashless_custom_urlconf(self):
|
||||||
settings.PREPEND_WWW = True
|
request = self._get_request('customurlconf/slash')
|
||||||
settings.APPEND_SLASH = True
|
request.urlconf = 'regressiontests.middleware.extra_urls'
|
||||||
request = self._get_request('customurlconf/slash')
|
r = CommonMiddleware().process_request(request)
|
||||||
request.urlconf = 'regressiontests.middleware.extra_urls'
|
self.assertEqual(r.status_code, 301)
|
||||||
r = CommonMiddleware().process_request(request)
|
self.assertEqual(r['Location'],
|
||||||
self.assertEqual(r.status_code, 301)
|
'http://www.testserver/middleware/customurlconf/slash/')
|
||||||
self.assertEqual(r['Location'],
|
|
||||||
'http://www.testserver/middleware/customurlconf/slash/')
|
|
||||||
|
|
||||||
# Tests for the 404 error reporting via email
|
# Tests for the 404 error reporting via email
|
||||||
|
|
||||||
|
@override_settings(IGNORABLE_404_URLS=(re.compile(r'foo'),),
|
||||||
|
SEND_BROKEN_LINK_EMAILS = True)
|
||||||
def test_404_error_reporting(self):
|
def test_404_error_reporting(self):
|
||||||
settings.IGNORABLE_404_URLS = (re.compile(r'foo'),)
|
|
||||||
settings.SEND_BROKEN_LINK_EMAILS = True
|
|
||||||
request = self._get_request('regular_url/that/does/not/exist')
|
request = self._get_request('regular_url/that/does/not/exist')
|
||||||
request.META['HTTP_REFERER'] = '/another/url/'
|
request.META['HTTP_REFERER'] = '/another/url/'
|
||||||
response = self.client.get(request.path)
|
response = self.client.get(request.path)
|
||||||
|
|
@ -277,17 +244,17 @@ class CommonMiddlewareTest(TestCase):
|
||||||
self.assertEqual(len(mail.outbox), 1)
|
self.assertEqual(len(mail.outbox), 1)
|
||||||
self.assertIn('Broken', mail.outbox[0].subject)
|
self.assertIn('Broken', mail.outbox[0].subject)
|
||||||
|
|
||||||
|
@override_settings(IGNORABLE_404_URLS=(re.compile(r'foo'),),
|
||||||
|
SEND_BROKEN_LINK_EMAILS = True)
|
||||||
def test_404_error_reporting_no_referer(self):
|
def test_404_error_reporting_no_referer(self):
|
||||||
settings.IGNORABLE_404_URLS = (re.compile(r'foo'),)
|
|
||||||
settings.SEND_BROKEN_LINK_EMAILS = True
|
|
||||||
request = self._get_request('regular_url/that/does/not/exist')
|
request = self._get_request('regular_url/that/does/not/exist')
|
||||||
response = self.client.get(request.path)
|
response = self.client.get(request.path)
|
||||||
CommonMiddleware().process_response(request, response)
|
CommonMiddleware().process_response(request, response)
|
||||||
self.assertEqual(len(mail.outbox), 0)
|
self.assertEqual(len(mail.outbox), 0)
|
||||||
|
|
||||||
|
@override_settings(IGNORABLE_404_URLS=(re.compile(r'foo'),),
|
||||||
|
SEND_BROKEN_LINK_EMAILS = True)
|
||||||
def test_404_error_reporting_ignored_url(self):
|
def test_404_error_reporting_ignored_url(self):
|
||||||
settings.IGNORABLE_404_URLS = (re.compile(r'foo'),)
|
|
||||||
settings.SEND_BROKEN_LINK_EMAILS = True
|
|
||||||
request = self._get_request('foo_url/that/does/not/exist/either')
|
request = self._get_request('foo_url/that/does/not/exist/either')
|
||||||
request.META['HTTP_REFERER'] = '/another/url/'
|
request.META['HTTP_REFERER'] = '/another/url/'
|
||||||
response = self.client.get(request.path)
|
response = self.client.get(request.path)
|
||||||
|
|
@ -424,70 +391,66 @@ class XFrameOptionsMiddlewareTest(TestCase):
|
||||||
"""
|
"""
|
||||||
Tests for the X-Frame-Options clickjacking prevention middleware.
|
Tests for the X-Frame-Options clickjacking prevention middleware.
|
||||||
"""
|
"""
|
||||||
def setUp(self):
|
|
||||||
self.x_frame_options = settings.X_FRAME_OPTIONS
|
|
||||||
|
|
||||||
def tearDown(self):
|
|
||||||
settings.X_FRAME_OPTIONS = self.x_frame_options
|
|
||||||
|
|
||||||
def test_same_origin(self):
|
def test_same_origin(self):
|
||||||
"""
|
"""
|
||||||
Tests that the X_FRAME_OPTIONS setting can be set to SAMEORIGIN to
|
Tests that the X_FRAME_OPTIONS setting can be set to SAMEORIGIN to
|
||||||
have the middleware use that value for the HTTP header.
|
have the middleware use that value for the HTTP header.
|
||||||
"""
|
"""
|
||||||
settings.X_FRAME_OPTIONS = 'SAMEORIGIN'
|
with override_settings(X_FRAME_OPTIONS='SAMEORIGIN'):
|
||||||
r = XFrameOptionsMiddleware().process_response(HttpRequest(),
|
r = XFrameOptionsMiddleware().process_response(HttpRequest(),
|
||||||
HttpResponse())
|
HttpResponse())
|
||||||
self.assertEqual(r['X-Frame-Options'], 'SAMEORIGIN')
|
self.assertEqual(r['X-Frame-Options'], 'SAMEORIGIN')
|
||||||
|
|
||||||
settings.X_FRAME_OPTIONS = 'sameorigin'
|
with override_settings(X_FRAME_OPTIONS='sameorigin'):
|
||||||
r = XFrameOptionsMiddleware().process_response(HttpRequest(),
|
r = XFrameOptionsMiddleware().process_response(HttpRequest(),
|
||||||
HttpResponse())
|
HttpResponse())
|
||||||
self.assertEqual(r['X-Frame-Options'], 'SAMEORIGIN')
|
self.assertEqual(r['X-Frame-Options'], 'SAMEORIGIN')
|
||||||
|
|
||||||
def test_deny(self):
|
def test_deny(self):
|
||||||
"""
|
"""
|
||||||
Tests that the X_FRAME_OPTIONS setting can be set to DENY to
|
Tests that the X_FRAME_OPTIONS setting can be set to DENY to
|
||||||
have the middleware use that value for the HTTP header.
|
have the middleware use that value for the HTTP header.
|
||||||
"""
|
"""
|
||||||
settings.X_FRAME_OPTIONS = 'DENY'
|
with override_settings(X_FRAME_OPTIONS='DENY'):
|
||||||
r = XFrameOptionsMiddleware().process_response(HttpRequest(),
|
r = XFrameOptionsMiddleware().process_response(HttpRequest(),
|
||||||
HttpResponse())
|
HttpResponse())
|
||||||
self.assertEqual(r['X-Frame-Options'], 'DENY')
|
self.assertEqual(r['X-Frame-Options'], 'DENY')
|
||||||
|
|
||||||
settings.X_FRAME_OPTIONS = 'deny'
|
with override_settings(X_FRAME_OPTIONS='deny'):
|
||||||
r = XFrameOptionsMiddleware().process_response(HttpRequest(),
|
r = XFrameOptionsMiddleware().process_response(HttpRequest(),
|
||||||
HttpResponse())
|
HttpResponse())
|
||||||
self.assertEqual(r['X-Frame-Options'], 'DENY')
|
self.assertEqual(r['X-Frame-Options'], 'DENY')
|
||||||
|
|
||||||
def test_defaults_sameorigin(self):
|
def test_defaults_sameorigin(self):
|
||||||
"""
|
"""
|
||||||
Tests that if the X_FRAME_OPTIONS setting is not set then it defaults
|
Tests that if the X_FRAME_OPTIONS setting is not set then it defaults
|
||||||
to SAMEORIGIN.
|
to SAMEORIGIN.
|
||||||
"""
|
"""
|
||||||
del settings.X_FRAME_OPTIONS
|
with override_settings(X_FRAME_OPTIONS=None):
|
||||||
r = XFrameOptionsMiddleware().process_response(HttpRequest(),
|
del settings.X_FRAME_OPTIONS # restored by override_settings
|
||||||
HttpResponse())
|
r = XFrameOptionsMiddleware().process_response(HttpRequest(),
|
||||||
self.assertEqual(r['X-Frame-Options'], 'SAMEORIGIN')
|
HttpResponse())
|
||||||
|
self.assertEqual(r['X-Frame-Options'], 'SAMEORIGIN')
|
||||||
|
|
||||||
def test_dont_set_if_set(self):
|
def test_dont_set_if_set(self):
|
||||||
"""
|
"""
|
||||||
Tests that if the X-Frame-Options header is already set then the
|
Tests that if the X-Frame-Options header is already set then the
|
||||||
middleware does not attempt to override it.
|
middleware does not attempt to override it.
|
||||||
"""
|
"""
|
||||||
settings.X_FRAME_OPTIONS = 'DENY'
|
with override_settings(X_FRAME_OPTIONS='DENY'):
|
||||||
response = HttpResponse()
|
response = HttpResponse()
|
||||||
response['X-Frame-Options'] = 'SAMEORIGIN'
|
response['X-Frame-Options'] = 'SAMEORIGIN'
|
||||||
r = XFrameOptionsMiddleware().process_response(HttpRequest(),
|
r = XFrameOptionsMiddleware().process_response(HttpRequest(),
|
||||||
response)
|
response)
|
||||||
self.assertEqual(r['X-Frame-Options'], 'SAMEORIGIN')
|
self.assertEqual(r['X-Frame-Options'], 'SAMEORIGIN')
|
||||||
|
|
||||||
settings.X_FRAME_OPTIONS = 'SAMEORIGIN'
|
with override_settings(X_FRAME_OPTIONS='SAMEORIGIN'):
|
||||||
response = HttpResponse()
|
response = HttpResponse()
|
||||||
response['X-Frame-Options'] = 'DENY'
|
response['X-Frame-Options'] = 'DENY'
|
||||||
r = XFrameOptionsMiddleware().process_response(HttpRequest(),
|
r = XFrameOptionsMiddleware().process_response(HttpRequest(),
|
||||||
response)
|
response)
|
||||||
self.assertEqual(r['X-Frame-Options'], 'DENY')
|
self.assertEqual(r['X-Frame-Options'], 'DENY')
|
||||||
|
|
||||||
def test_response_exempt(self):
|
def test_response_exempt(self):
|
||||||
"""
|
"""
|
||||||
|
|
@ -495,18 +458,18 @@ class XFrameOptionsMiddlewareTest(TestCase):
|
||||||
to False then it still sets the header, but if it's set to True then
|
to False then it still sets the header, but if it's set to True then
|
||||||
it does not.
|
it does not.
|
||||||
"""
|
"""
|
||||||
settings.X_FRAME_OPTIONS = 'SAMEORIGIN'
|
with override_settings(X_FRAME_OPTIONS='SAMEORIGIN'):
|
||||||
response = HttpResponse()
|
response = HttpResponse()
|
||||||
response.xframe_options_exempt = False
|
response.xframe_options_exempt = False
|
||||||
r = XFrameOptionsMiddleware().process_response(HttpRequest(),
|
r = XFrameOptionsMiddleware().process_response(HttpRequest(),
|
||||||
response)
|
response)
|
||||||
self.assertEqual(r['X-Frame-Options'], 'SAMEORIGIN')
|
self.assertEqual(r['X-Frame-Options'], 'SAMEORIGIN')
|
||||||
|
|
||||||
response = HttpResponse()
|
response = HttpResponse()
|
||||||
response.xframe_options_exempt = True
|
response.xframe_options_exempt = True
|
||||||
r = XFrameOptionsMiddleware().process_response(HttpRequest(),
|
r = XFrameOptionsMiddleware().process_response(HttpRequest(),
|
||||||
response)
|
response)
|
||||||
self.assertEqual(r.get('X-Frame-Options', None), None)
|
self.assertEqual(r.get('X-Frame-Options', None), None)
|
||||||
|
|
||||||
def test_is_extendable(self):
|
def test_is_extendable(self):
|
||||||
"""
|
"""
|
||||||
|
|
@ -523,23 +486,23 @@ class XFrameOptionsMiddlewareTest(TestCase):
|
||||||
return 'SAMEORIGIN'
|
return 'SAMEORIGIN'
|
||||||
return 'DENY'
|
return 'DENY'
|
||||||
|
|
||||||
settings.X_FRAME_OPTIONS = 'DENY'
|
with override_settings(X_FRAME_OPTIONS='DENY'):
|
||||||
response = HttpResponse()
|
response = HttpResponse()
|
||||||
response.sameorigin = True
|
response.sameorigin = True
|
||||||
r = OtherXFrameOptionsMiddleware().process_response(HttpRequest(),
|
r = OtherXFrameOptionsMiddleware().process_response(HttpRequest(),
|
||||||
response)
|
response)
|
||||||
self.assertEqual(r['X-Frame-Options'], 'SAMEORIGIN')
|
self.assertEqual(r['X-Frame-Options'], 'SAMEORIGIN')
|
||||||
|
|
||||||
request = HttpRequest()
|
request = HttpRequest()
|
||||||
request.sameorigin = True
|
request.sameorigin = True
|
||||||
r = OtherXFrameOptionsMiddleware().process_response(request,
|
r = OtherXFrameOptionsMiddleware().process_response(request,
|
||||||
HttpResponse())
|
HttpResponse())
|
||||||
self.assertEqual(r['X-Frame-Options'], 'SAMEORIGIN')
|
self.assertEqual(r['X-Frame-Options'], 'SAMEORIGIN')
|
||||||
|
|
||||||
settings.X_FRAME_OPTIONS = 'SAMEORIGIN'
|
with override_settings(X_FRAME_OPTIONS='SAMEORIGIN'):
|
||||||
r = OtherXFrameOptionsMiddleware().process_response(HttpRequest(),
|
r = OtherXFrameOptionsMiddleware().process_response(HttpRequest(),
|
||||||
HttpResponse())
|
HttpResponse())
|
||||||
self.assertEqual(r['X-Frame-Options'], 'DENY')
|
self.assertEqual(r['X-Frame-Options'], 'DENY')
|
||||||
|
|
||||||
|
|
||||||
class GZipMiddlewareTest(TestCase):
|
class GZipMiddlewareTest(TestCase):
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue